Monday, November 8, 2010

Internet hackers attack Treasury

The Finance Ministry’s website. Photo/COURTESY/http://www.treasury.go.ke/

The Finance Ministry’s website. Photo/COURTESY/http://www.treasury.go.ke/ 

By JEVANS NYABIAGE [email protected]

Kenya’s cyber highway is not safe from virtual fraudsters and other malignant cyber crooks. As the country boasts three undersea fibre optic cables, cyber attacks are on the increase, targeting government and corporate with rich databases.

At the weekend, Finance Ministry’s website was brought down by hackers. Opening the www.treasury.go.ke returned a blank black screen with words “Hacked by ReisBEY Muslim Turkish Hacker,” in red and white .

The hackers are suspected to be similar to those who hacked Kenya Airways website in 2008.

There is a dramatic increase in hacking of websites in Kenya. In the past year a number of websites have been compromised, including Statehouse.co.ke, and those of Kenya administration police (www.administrationpolice.go.ke, Kenya government portal (http://kenya.go.ke), mobile phone company’s yu.co.ke, among others.

When the government website http://kenya.go.ke, was broken into, it was turned it into a promotion portal for Viagra, the sex enhancing drug.

Space.co.ke was also another victim of the ongoing spate of hacking. In July, propertyzote.com was hacked in an attempt to extract information on real estate. The hackers corrupted and shut down the website.

Word has it that the most famous hack was in 2008 when the Department of Defence was attempting to transfer money to Ukrainian arms dealers over unsecured protocols (specifically http) when the money (in billions) got intercepted by Russian hackers who presumably proceeded to have to largest party ever courtesy of Kenyan tax payers.

Mr Harry Mathenge, Director Alpex Consulting Africa Ltd, in an earlier interview, said there is no single organisation either public or private in Kenya that can guarantee safety of information in their databases. Security standards applied worldwide remain entirely absent in Kenya.

Mr Mathenge says in Kenya, no national organisation encrypts its sensitive information; no Internet service provider has been certified as offering security to the millions of emails held on their servers. From insurance companies to banks and government departments most are exposed.

“As things stand, information security breaches are making headlines in Kenya every day, hurting firms, citizens and government. The proposed constitution was changed before it reached the printers. Our banking system is getting rapidly less successful in holding our money,” he adds.

The availability of super fast internet has allowed many people to rush to technology but without focus on the threat of cybercrime.

Experts say unless it is addressed urgently, cyber crime will continue to prevail because it pays: what used to be the domain of hobby hackers has attracted the attention of criminals looking to profit.

The moment the first submarine fibre optic cable landed, local businesses became more accessible on the World Wide Web (www), attracting the attention of international hackers.

The tragedy is that local businesses did not move with high speed to upgrade information security systems to ward off international hackers. These companies are now prone to hefty financial losses through theft or data corruption.

“An organisation is secure until when people know they exist,” Evans Kahuthu, a security specialist from Teqlink Solutions, recently at a workshop organised to sensitise firms on cyber security.

“With the various cables connecting the country being lit up, the intensity of attacks will increase as the country is connected to the world.”

advertisement